package com.rainbow.support.xss.properties;

import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.http.HttpMethod;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

/**
 * @author rainbow
 */
@Data
@ConfigurationProperties(prefix = XssProperties.XSS_PREFIX)
public class XssProperties {

	public static final String XSS_PREFIX = "rainbow.extra.xss";

	/**
	 * 全局xss过滤器处理类型:0-hutool转义,1-hutool过滤
	 */
	public static final String XSS_HUTOOL_ESCAPE_HANDLER = "0";
	/**
	 * 全全局xss过滤器处理类型:0-hutool转义,1-hutool过滤
	 */
	public static final String XSS_HUTOOL_REPLACE_HANDLER = "1";

	/**
	 * 是否开启
	 */
	private boolean enabled = true;

	/**
	 * xss 过滤包含的路径（Ant风格）
	 **/
	private Set<String> includePaths = Collections.singleton("/**");

	/**
	 * xss 需要排除的路径（Ant风格），优先级高于包含路径
	 **/
	private Set<String> excludePaths = new HashSet<>();

	/**
	 * 需要处理的 HTTP 请求方法集合
	 */
	private final Set<String> includeHttpMethods = new HashSet<>(Arrays.asList(HttpMethod.GET.name(),HttpMethod.POST.name(),HttpMethod.DELETE.name(),HttpMethod.OPTIONS.name(),HttpMethod.HEAD.name(), HttpMethod.PUT.name(), HttpMethod.PATCH.name()));

	/**
	 * 全局xss过滤器处理类型:0-hutool转义,1-hutool过滤,2-jsonp过滤
	 */
	private String type = XSS_HUTOOL_ESCAPE_HANDLER;

}
